Plan Product Integration and Environments¶
(Activity) for Tier: Product
PURPOSE¶
Planning product integration guides how a complete working product is delivered from artifacts created during development and integrating external components. This includes specifying the integration environment the product requires, the integration sequence for assembling and installing the product in that environment, and how to verify the product is operating as intended once fully assembled and deployed. The strategy for product integration is Continuous Integration and Continuous Deployment. Additionally, this activity covers the establishment of the verification and validation environments.
WHEN¶
- Changes to the Solution Architecture or Code affect product integration
- Changes to the Product Integration, Verification, and Validation Environments affect this plan
PARTICIPATING ROLES¶
- ACCOUNTABLE
INPUTS¶
ENTRY CRITERIA¶
- The Solution Architecture defines a minimum set of code products to be integrated
SUB-ACTIVITIES¶
Establish Environments
- Determine the number and type of environments required. Include consideration of how the project’s plans for integration, verification, and validation.
- Analyze the Solution Architecture to define the infrastructure needs for each environment and the configuration of that infrastructure. Include consideration of the hardware necessary to support the software environments such as that for web servers, application servers, and database servers.
- Record the integration environment(s) within the Product Integration Plan (PIP).
- Record the verification and validation environments either in the PIP or a Software Test Plan per the team’s procedure.
Determine Pipeline Schedule and Packaging
Analyze the Solution Architecture to determine how the product’s components will be compiled, packaged and deployed. Include consideration of issues such as the build and deployment technologies that will be used, how the product can be packaged and versioned to support incremental updating with reduced risk, and what specific configurations, parameters, alerts, etc. should be established.
Analyze the Solution Architecture, environment security constraints, and company policies to determine what Code Artifacts are required to be produced along with the executable software. Artifacts may include one or more of the following:
- Static code scans, SonarQube, Fortify Static Code Analysis, Mend Bolt, etc.
- Lists of included 3rd party software COTS, GOTS, and OSS
- Software Bill of Materials (SBOM)
- Code Metrics Lines of Source Code, Lines of Executable Code, Class Coupling, Depth of Inheritance, Cyclomatic Complexity, Maintainability Index, etc.
Determine and record the pipeline trigger(s) for when the team is executing a sprint. This may be a set schedule, project condition, the completion of another pipeline, or manually.
Identify the pipeline(s) to be executed for Pull Requests
Identify the pipeline(s) to be executed for Continuous Integration
Review Interface Implementation
- Review all interface specifications included in the Solution Architecture and determine how these interfaces will be implemented in the defined environments. Include consideration of how coordination with external interface partners will be accomplished and how the security requirements of host environments will be met, when applicable.
Define Integration Sequence
- Define criteria for when the integration sequence can be initiated. Include consideration of how quality and completeness of source code and other inputs used will be determined. This may be redundant and skipped if the resources required to build the product are insignificant to the project.
- Define when required code artifacts will be produced and stored either automatically within a pipeline or manually in the integration sequence.
Document Environment Configuration and Deployment Instructions
- Create or revise instructions for environment initialization or update. This includes any data, 3rd party component, configuration, or other needed changes for the plan.
- Create or revise instructions for installing or updating each component of the product with the defined build package.
- Include complete instructions for required configuration file settings, host environment configuration and settings, or any similar configuration issues. Include consideration of how versioning will be maintained and how versioning of dependencies will be verified. Ensure instructions for completing all interfaces with other product components or external systems are included.
Note
Documented Configuration and Deployment instructions may need to be updated due to sprint work
Establish Verification Methods
- Establish and record the criteria for verifying correct integration of product components, functionality of external interfaces, and that the overall product is functioning. Consider inclusion of verification checks at appropriate points during the integration sequence. The criteria may simply define the necessary pass rate or tests to pass within a continuous integration environment. The criteria may include review of code artifacts produced to ensure minimum quality gates or criteria have been met.
Gain Team Commitment
- Provide the project’s PIP to all relevant stakeholders for review and comments.
- Revise the PIP as needed to achieve a team commitment to the final version.
- As needed, create or update team norms and standards for attaining a team commitment to the PIP. This must include how team members participating in the review of the plan will be identified, what the criteria for a satisfactory plan are, and how the results of the review will be documented. Documented results of a review must include identification of participants and a description of any changes needed to include noting if no changes are required.
OUTPUTS¶
- A peer reviewed Product Integration Plan
- Defined validation and verification environments
EXIT CRITERIA¶
- Environments that meet the needs of the Product Integration Plan can be created
- Criteria for verifying product integration can be evaluated